System and method to transform results of client requests using client uploaded presentation formats

ABSTRACT

Method and apparatus to facilitate access to a network-based publication system. In an embodiment, a user or third party affiliate of a network-based publication system uploads a style sheet or other presentation format file to a database in the network-based publication system. Thereafter, the user or third party affiliate sends a request to the network-based publication system, and the publication system uses one or more of the uploaded style sheets to format the response to be transmitted back to the third party affiliate.

TECHNICAL FIELD

The present application relates generally to the field of networkcommunications and, in an example embodiment, but not by way oflimitation, to communications between portals and other serviceproviders in a network.

BACKGROUND

Some of the advantages offered by a typical network-based publicationsystem (e.g, a website) are the simplicity, promptness and convenienceof participating in the online information publishing and viewingprocess.

However, since website development can be very expensive, and manybusinesses cannot easily develop their own websites, many businesseshave expanded into the online arena by associating themselves with theservices provided by online service providers. Consequently, instead ofdeveloping their own websites, these businesses have developedthird-party applications that interact with network-based systems. Thesethird party applications may enhance the user experience for users ofthe network-based publication system by providing programs that thenetwork-based publication system does not have. Regarding theenhancement of the user experience for a user of a particular business'ssystems, these third party applications may integrate the applicationsof that particular business entity with a particular popularnetwork-based publication system and extend platforms of that businessentity into new business areas.

Additionally, these third-party application programs may be extremelyvaluable for users who conduct a great many business transactions usingthe network-based publication system, and users who would like to havethe information presented to attract buyers in a way that may bedifferent from the network-based publication system. Moreover,businesses who use these third party application programs may have itemslisted for trading on the network-based publication system, but may wishto have the users interact with the network-based publication systemthrough the business's Website using such third party applications.Thus, such third party applications may expand a business's services toits clients.

FIG. 1 illustrates an example of a typical networked system in which auser is able to invoke a third party application in conjunction withaccessing a network-based publication system. Specifically, FIG. 1illustrates a network-based publication system 100 (e.g., an onlinepublication system). In the system 100, a user 110 is able to access andcommunicate with a network-based publication system 115 through anetwork 108 such as the Internet. The network-based publication system115 includes a user interface 106, an application engine 104, and adatabase 102. The user interface 106 contains application programs thataccept requests from the users. In connection with a user 110 accessinga network-based publication system, the user 110 may invoke one of itsown applications 112, or the application 112 of another third party.

FIG. 1 a illustrates a more detailed example of the manner in which auser 110 may invoke a third party application 112 in connection withaccessing a network-based publication system 115. In FIG. 1 a, the user110 communicates with other entities in the system 100 by sending aneXtensible Markup Language (XML) request 120 over HyperText TransferProtocol 122 (HTTP). The application engine 104 of the network-basedpublication system 115 executes the request 120 (e.g., retrievingparticular items available in an auction), and returns the results tothe user 110 through the network 108 also in an XML document over HTTPprotocol. The user 110 may then transform the data in the XML documentinto an HTML document. In this manner, the user 110 can transform therelatively raw data in the XML format into an HTML document which willdisplay the data with the particular look and feel that the user 110wants to convey on its internal systems.

FIG. 1 b illustrates another example of the manner in which a user 110may access a network-based publication system 115 and use a third partyapplication 112. In FIG. 1 b, the user 110 may transfer a style sheet124, such as an eXtensible Style Language style sheet, over HTTPprotocol 122 to the network-based publication system 115. Alternatively,a user 110 may include a URL in the HTTP protocol based message sent tothe network-based publication system, and the publication system caninvoked the URL to access the style sheet. The transfer of this stylesheet may be combined with a request to retrieve data from thenetwork-based publication system 115. In addition to retrieving the datacontained within the user's request, the network-based publicationsystem 115 uses the style sheet 124 to create an HTML document 126. Thenetwork-based publication system 115 transmits the HTML document 126 tothe user 110, who can then display the data in the format dictated bythe HTML document.

These approaches to the use of third party applications in connectionwith a network-based publication system however present several problemsto such users 110, especially smaller business entities that do not havethe bandwidth, hardware, and/or personnel to implement such systems inconnection with their internal systems and applications. In a system inwhich a network-based publication system transmits an XML document 120to a user 110, the conversion of that XML document 120 to an HTMLdocument 126 is not a trivial task. The user 110 must have available toit the bandwidth, servers (hardware and software), and personnel toaccomplish such a conversion. Moreover, if there is a change in thecreation of the XML document 120 on the network-based publication system100, the code on the user's system that converts the XML document 120into an HTML document 126 must also be changed.

Similarly, in systems in which a user transmits a style sheet to anetwork-based publication system, and thereafter receives an HTMLdocument back from that facility, the network-based publication systemhas little control over such style sheets, and is therefore susceptibleto error-ridden style sheets, or worse yet, style sheets that containmalicious code that can wreak havoc to a network-based publicationsystem 115.

Network-based publication systems are therefore in need of an improvedmanner to respond to client requests and format responses to theserequests.

SUMMARY OF THE INVENTION

An embodiment of the present invention discloses methods and apparatusesfor transforming on a server the results of a client request usingpresentation formats that have been uploaded to the server by theclient. In one embodiment, a client uploads presentation formats to adata base on a network-based publication system. Such presentationformats may include an eXtensible Style Language (XSL) file, CascadingStyle Sheets (CSS), or some other presentation format/language. Theprotocol used by the client and server may be the Hyper Text TransferProtocol (HTTP), and the request itself may be formatted in theeXtensible Markup Language (XML). The network-based publication systemexecutes the client's request, and uses the client-uploaded presentationformats to generate a server-side transformation and response to theclient's request. In an embodiment, that response is in a HyperTextMarkup Language (HTML) format, and that HTML document is transmitted tothe client over HTTP protocol and displayed on the client's system.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention is illustrated by way of example and notlimitation in the figures of the accompanying drawings, in which likereferences indicate similar elements and in which:

FIG. 1 is an exemplary prior art embodiment of a network-basedpublication system and a third-party application;

FIG. 1 a is an exemplary prior art embodiment of a network-basedpublication system, a third party application, and the Hyper TextTransport Protocol and extensible Markup Language used by the facilityand third party application;

FIG. 1 b is an exemplary prior art embodiment of a network-basedpublication system, a third party application, and the Hyper TextTransport Protocol and extensible Style Language used by the facilityand third party application;

FIG. 2 is an exemplary block diagram of one embodiment of anetwork-based publication system;

FIG. 3 illustrates an exemplary block diagram of one embodiment of adatabase maintained by a database engine server;

FIG. 4 illustrates an exemplary diagrammatic representation of oneembodiment of a user table within the database of FIG. 3;

FIG. 5 illustrates an exemplary diagrammatic representation of oneembodiment of a locations table within the database;

FIG. 6 illustrates an exemplary block diagram of an embodiment of anetwork-based publication system;

FIG. 7 illustrates another exemplary block diagram of an embodiment of anetwork-based publication system;

FIGS. 8A-8E illustrate a user interface to a network-based publicationsystem through which a user can upload style sheets;

FIG. 9 illustrates a block diagram of an exemplary embodiment of acomputer system that can implement embodiments of the present invention.

DETAILED DESCRIPTION

Methods and apparatuses for facilitating access to a network-basedpublication system such as, for example, an Internet-based, searchengine, portal or commerce system (e.g., publication system), inconjunction with the use of third party applications, are described. Inthe following description, for purposes of explanation, numerousspecific details are set forth in order to provide a thoroughunderstanding of the present invention. It will be evident, however, toone skilled in the art that the present invention may be practicedwithout these specific details.

Terminology

For the purposes of the present specification, the term “transaction”shall be taken to include any communications between two or moreentities and shall be construed to include, but not be limited to,commercial transactions including sale and purchase transactions,auctions, providing feedback, accessing e-mail, and the like.

Transaction Facility

FIG. 2 is a block diagram illustrating an exemplary network-basedpublication system 10. While an exemplary embodiment of the presentinvention is described within the context of an publication system, itwill be appreciated by those skilled in the art that the invention willfind application in many different types of computer-based, andnetwork-based, commerce facilities.

The publication system 10 includes one or more of a number of types offront-end servers, namely page servers 12 that deliver web pages (e.g.,markup language documents), picture servers 14 that dynamically deliverimages to be displayed within Web pages, listing servers 16, ComputerGraphic Interface (CGI) servers 18 that provide an intelligent interfaceto the back-end of system 10, and search servers 20 that handle searchrequests to the system 10. E-mail servers 21 provide, inter alia,automated e-mail communications to users of the system 10.

The back-end servers include a database engine server 22, a search indexserver 24 and a credit card database server 26, each of which maintainsand facilitates access to a respective database, for example, database23.

The Internet-based publication system 10 may be accessed by a clientprogram 30, such as a browser (e.g., the Internet Explorer distributedby Microsoft Corp. of Redmond, Wash.) that executes on a client machine32 and accesses the system 10 via a network such as, for example, theInternet 34. Other examples of networks that a client may utilize toaccess the publication system 10 include a wide area network (WAN), alocal area network (LAN), a wireless network (e.g., a cellular network),or the Plain Old Telephone Service (POTS) network.

Database Structure

FIG. 3 is a database diagram illustrating an exemplary database 23,maintained by and accessed via the database engine server 22, which atleast partially implements and supports the publication system 10. Thedatabase 23 may, in one embodiment, be implemented as a relationaldatabase, and includes a number of tables having entries, or records,that are linked by indices and keys. In an alternative embodiment, thedatabase 23 may be implemented as a collection of objects in anobject-oriented database.

Central to the database 23 is a user table 40, which contains a recordfor each user of the publication system 10. A user may operate as aseller, buyer, or both, with respect to the publication system 10. Auser information table 41 is linked to the user table 40 and includesmore detailed information about each user. The database 23 also includesitem tables 42 that may be linked to the user table 40. Specifically,the tables 42 include a seller items table 44 and a bidder items table46. A user record in the user table 40 may be linked to publication datarelating to multiple items that are being, or have been, auctioned viathe system 10, for example. A link indicates whether the user is aseller or a bidder (or buyer) with respect to items for which recordsexist within the item tables 42. The database 23 also includes a notetable 48 populated with note records that may be linked to one or moreitem records within the item tables 42 and/or to one or more userrecords within the user table 40. Each note record within the table 48may include, inter alia, a comment, description, history or otherinformation pertaining to an item being auctioned via the publicationsystem 10, or to a user of the publication system 10.

A number of other tables are also shown to be linked to the user table40, namely a user past aliases table 50, a feedback table 52, a feedbackdetails table 53, a bids table 54, an accounts table 56, an accountbalances table 58 and a transaction record table 60. In addition, thedatabase 23 includes a location table 59 which stores valid demographicinformation that is used to verify registration information submitted byusers during the registration process.

FIG. 4 is a diagrammatic representation of an exemplary embodiment ofthe user table 40 that is populated with records, or entries, for eachuser of the publication system 10. The table 40 includes a useridentifier column 62 that stores a unique identifier for each user. Aname column 64 stores a first name, a middle initial and a last name foreach user. An address column 66 stores full address information for eachuser, e.g., a street name and number, city, zip code, state, etc. Aphone number column 68 stores a home phone number for each user. It maybe desirable to have each user verified, for example, through someidentity checking process to verify that the user is who it ispurporting to be prior to granting access to a particular user.Verification detail column 70 and verification rating column 72 may beincluded in the user table 40 to indicate details and rating of eachindividual's verification process.

It will be appreciated that any information other than that describedabove may populate the user table 40 without loss of generality.

FIG. 5 is an exemplary diagrammatic representation of an embodiment ofthe location table 59. The location table 59 stores a list of currentzip codes and associated location information. In one embodiment, thedata stored in the location table 59 is imported from a commercialdatabase and is periodically completely re-populated with a new releaseof the commercial database. Alternatively, the data stored in thelocations table 59 is obtained from various sources including variouscommercial databases and/or the publication system 10 itself. The table59 includes a zip code column 80 that stores a list of current zip codesin the U.S. and abroad. Each zip code corresponds to valid cityinformation stored in a city column 82. A flag stored in a column 98indicates whether the city information stored in the column 82 is for amain city or an alias city. The zip code information stored in thecolumn 80 is also correlated with area code information stored in anarea code column 92 and with other location information stored in astate column 84, country name column 86, country code column 88, countrycolumn 90, time zone column 94, latitude column 96, and longitude column97. A column 95 includes a flag indicating, for each entry, whetherdaylight savings time is adopted in this geographic area. A sourcecolumn 99 stores a value indicating the source of the record, i.e.,whether the record was imported from a certain commercial database,created by an administrator of the publication system 10, or wasoriginated by other source.

It will be appreciated that other demographic information may alsopopulate the location table 59.

In an example embodiment, a network-based publication system 600/615 canbe described as illustrated in FIG. 6. The database 602 stores all ofthe information (e.g., user records, item records, etc. . . . )maintained by the publication system 600 as discussed above. In anembodiment, the database 602 includes a database 707 that containsclient-uploaded presentation formats. A commerce engine 604 is furthercoupled to the database 602. The commerce engine 604 contains all of thebusiness logic, for instance, how an auction will work if thepublication system 600 is an auction. This includes rules such as how tocalculate the highest bid, to set the minimum bid for a particular item,determine what fields are necessary and optional for a particular item,or in short, all of the logic of how to manage the auction. The commerceengine 604 functions based on program codes that are configured toaccess the information stored in the database 602. The codes can bewritten in any suitable programming language that can access theinformation stored in the database 602 for instance, in C++ language.

Continuing with the embodiment shown in FIG. 6, a user interface 606 iscoupled to the commerce engine 604. It is the database 602, the commerceengine 604, and the user interface 606 that essentially make up theserver side of the network-based publication system 615. The userinterface 606 includes application programs that are run from thecommerce engine 604 that provide a user interface for the publicationsystem 615. For example, when a user 610 visits a web site belonging tothe publication system 615, the user interacts with the user interfaceapplication programs included in the user interface 606 that essentiallyprovide a browser with which the user may interact. That is, the userinterface 106 is functioning as an application interface exposed to thethird party (which behind the scenes does the transformation processing)and returns the response to the third party using an XSL style sheetspecified in the request message. In one example, the browser presents ahumanly readable interface for the user to interact with the publicationsystem 615. Through the application programs, the user can interact withthe commerce engine 604 and the database 602 to obtain or submit thedesired information. After the data are extracted from the database 602,the data are presented to the user in the human readable format forinteraction. One well known example of a data format that can bepresented to the user for such interaction is the Hyper Text MarkupLanguage (HTML). HTML defines the page layout, font, graphic elements aswell as hyper links to other documents on the website of the publicationsystem 600.

A user of the publication system 600 is typically connected to theInternet or other network 608 via any suitable method, for instance,through a conventional cable and a modem, wireless access modem and anantenna, etc. A user can also be a computer with programs to act onbehalf of the actual user. Typically, the user is connected to thenetwork 608 by issuing to the publication system 600 a HyperTextTransport Protocol command 122 (HTTP). HTTP 122 is a communicationprotocol used to connect to servers on the WorldWideWeb, for instance,servers 12, 14, 16, and 20 of the publication system 10 in FIG. 2, orcommerce engine 104 in FIG. 6. HTTP may also transmit HTML pages tobrowsers utilized by the user to access the publication system 600. Inanother embodiment, a Representational State Transfer (REST) ApplicationProgram Interface (API) may be used. As known to those of skill in theart, a REST API is a more succinct HTTP protocol that uses a subset ofHTTP commands.

FIG. 6 in particular illustrates an embodiment in which a user or thirdparty affiliate 610 of a network-based publication system 600 may uploada style sheet 628, e.g., an eXtensible Style Language (XSL) or aCascading Style Sheet (CSS), to the database 707 in the network-basedpublication system 615, make a request to the network-based publicationsystem (such as a request to do a search and return the search resultsto the network-based publication system), and receive back the searchresults in a readily displayable HTML document 126 (which containstherein statements/commands dictating the format of the documentformatted from the style sheet 628 that was uploaded to thenetwork-based publication system database 707).

The embodiment illustrated in FIG. 6 employs a two phase process. First,a user or third party affiliate 610 uploads a style sheet 628 to adatabase 707 in a network-based publication system 615. Second, sometimethereafter, the user or third party affiliate 610 makes a request to thenetwork-based publication system, such as a request for information, andthe network-based publication system 600 returns that information to thethird party affiliate 610 in a form dictated by the style sheet. Inanother embodiment, several style sheets are uploaded to thenetwork-based publication system 615, and the user 601 includes in therequest a key to identify the style sheet that the user would like toinvoke.

A more detailed illustration of the embodiment of FIG. 6 is illustratedin FIG. 7. In FIG. 7, a user or third party affiliate 710 of anetwork-based publication system 700 may upload to a database 707 in thenetwork-based publication system 700 an XSL, CSS, or other style sheet728. The style sheet 728 is transmitted in a request message over HTTPprotocol, for example, an HTTP POST command. In an embodiment, themessage 722 is first screened by a firewall 715. One purpose of thefirewall 715 is to prevent viruses and other harmful files from gainingaccess to the network-based publication system 700, and in particular,the firewall 715 prevents the introduction of any harmful files via athird party affiliate's submission of a style sheet 728. After passingthrough the firewall 715, a processing unit 720 performs a first checkon the style sheet 728. In an embodiment, this first check involves asimple syntactic validation of the XSL or other format presentationcode, and a parsing and normalization of the format presentation code.The request 722 containing the style sheet 728 is transferred throughfirewall 716 to another internal processor 725. The processor 725 writesthe style sheet 728 to the database 707, and marks the style sheet asinactive. The processor 725 further informs a scrubber process 735 thata new style sheet has been written to the database 707. The scrubberprocess 735 reads the style sheet 728, and scans it to determine ifthere are any viruses, malicious content, or other potentially harmfulcode (such as ActiveX script code, Java script code, attempts to accessURLs or other internal resources, attempts to access XSLs from otheruntrusted sites, attempts to make external/outbound connections, or thepresence of non-terminating recursive logic). In an embodiment, thesystem 700 checks the XSL files after scrubbing to verify that thescrubbing was successfully completed. If the scrubbing was successful,the database 707 is updated to indicate that the style sheet 728 isactive. If the scrubbing process 735 did not successfully complete, thestyle sheet 728 remains inactive, and the system 700 notes the scrubbingfailure. After the completion of the scrubber process 735, in anembodiment, a process 745 performs XSL to HTML transform tests on thestyle sheet 728 to determine if the XSL style sheet can successfullytransform some test XML documents into other XML documents or HTMLdocuments. A successful completion of these transform tests verifiesthat the style sheet 728 contains proper commands, code and syntax(either XSL, CCS, or some other format language) so that when the system700 is called upon to transform a third party's search results from anXML format to an HTML format, there will be no errors in the conversionprocess. These transforms are further needed to check that it will nottake an indefinite time period to execute the transformation of XML toHTML using the given XSL style sheet. Furthermore, these transform testsrestrict style sheets so that they are executed within reasonable andconfigurable periods so as to minimize computational impact on annetwork-based publication system (e.g., making an E-commerce siteunstable with respect to availability). In an embodiment, the AVScrubber 735 and the process 735 are part of an extensible validationpipeline 737. In the extensible validation pipeline 737, validationprocesses can be added, deleted, activated, and deactivated as futurerequirements dictate.

In an embodiment, the uploading of a style sheet 728 is implemented bythe third party user affiliate 710 through a user interface websitemaintained by the network-based publication system 700. FIGS. 8A-8Eillustrate examples of web pages that are associated with such aninterface. FIG. 8A illustrates a page 800 that lists severalapplications 805 that may be accessed by a third party user. FIG. 8Billustrates a page 810 that lists the style sheets 815 that areassociated with a particular application of a third party affiliate user710. In this embodiment, the web page displays an identifier 816 foreach style sheet, a file name 818 for each style sheet, the date andtime 817 when that style sheet was uploaded into the system's database707, and whether the style sheet is active at 819. In anotherembodiment, a transformation timeout history is maintained, and thetransformation timeout history keeps a record of the times that aparticular style sheet timed out in its transformation from an XMLdocument to an HTML document. A history of timeouts for a particularstyle sheet indicates a problem with that style sheet. FIG. 8Cillustrates a page 830 that permits a user to upload a new style sheet,FIG. 8D illustrates a page 840 that permits a user to view a style sheetfile, and FIG. 8E illustrates a page 850 that permits a user to rename astyle sheet file. In an embodiment, for security purposes, a user 710 isnot permitted to edit style sheets. If a user would like to change astyle sheet, the user must first delete the style sheet, and thenreplace it by adding a new version of that style sheet. In anembodiment, the facility 700 may place an upper limit on the number ofstyle sheets that a third party affiliate is allowed to upload to thedatabase 707.

After the upload of a style sheet 728 into the database 707 in thenetwork-based publication system 700, and the indication that the stylesheet is active and has passed the transform tests, the style sheet 728is available to the facility 700 for the facility to format data into anHTML document (or another XML document) before such data is transferredfrom the network-based publication system 700 to the third partyaffiliate 710. In an embodiment, this transmission of data from thenetwork-based publication system 700 can be in response to a request forinformation by the third party affiliate. In another embodiment, datacan be sent by the network-based publication system 700 to a third partyaffiliate 710 independent of any specific request by a third party user.

Specifically, referring again to the embodiment of FIG. 7, a third partyaffiliate 710 submits a request for information to the network-basedpublication system 700. In an embodiment, this request includes acommand to the publication system 700, such as an HTTP GET command andsearch parameters to retrieve data, and a file id to identify a stylesheet 728 in the database 707. The request 722 passes through thefirewall 715, through processor 720, through firewall 716, and toprocessor 725. Processor 725 reads the request 722, parses out thecommand, and signals internal processor 740 to retrieve the informationfrom its databases 702 that meet the criteria specified in the request722. In an embodiment, this retrieved data is formatted into an XMLdocument. Processor 725 then transmits the search results to processor755 which, in an embodiment, includes a formatting module. Processor 725further retrieves the XSL style sheet 728 identified in the originalrequest 722 for this third party affiliate from the database 707, andtransmits that style sheet 728 to processor 755. In another embodiment,recently used style sheets are maintained in a cache memory, andprocessor 725 first checks cache memory to determine if the needed stylesheet is in cache memory. The formatting module in processor 755 usesthe style sheet 728 to transform the data into an HTML document 760. Inan embodiment, processor 755 creates a new execution process thatperforms the actual transformation. The processor 755 monitors thistransformation process, and if the time that it takes to transform thisdata exceeds a threshold (e.g., 3000 milliseconds), processor 755terminates the transformation process and returns an error message tothe client. Furthermore, if the client continues to send requests usingthe same XSL file id, which results in consecutive transformationstimeouts, that XSL instance is disabled and made inactive. In thismanner, the network-based publication system 700 is able to prevent atrun time system taxing events caused by the transformation such asinfinite loops and/or other malicious events.

The HTML document 760 is then transmitted back to the third partyaffiliate 710, and the third party affiliate's system renders the HTMLdocument.

Computer Architecture

FIG. 9 shows a diagrammatic representation of machine in the exemplaryform of a computer system 900 within which a set of instructions, forcausing the machine to perform any one of the methodologies discussedabove, may be executed. In the alternative embodiment, the machine maycomprise a network router, a network switch, a network bridge, PersonalDigital Assistant (PDA), a cellular telephone, a web appliance or anymachine capable of executing a sequence of instructions that specifyactions to be taken by the machine.

The computer system 900 includes a processor 902, a main memory 904 anda static memory 906, which communicate with each other via a bus 908.The computer system 900 may further include a video display unit 910(e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT)). Thecomputer system 900 also includes an alpha-numeric input device 912(e.g., a keyboard), a cursor control device 914 (e.g., a mouse), a diskdrive unit 916, a signal generation device 920 (e.g., a speaker) and anetwork interface device 922.

The disk drive unit 916 includes a computer-readable medium 924 on whichis stored a set of instructions (i.e., software) 926 embodying any one,or all, of the methodologies described above. The software 926 is alsoshown to reside, completely or at least partially, within the mainmemory 904 and/or within the processor 902. The software 926 may furtherbe transmitted or received via the network interface device 922. For thepurposes of this specification, the term “computer-readable medium”shall be taken to include any medium that is capable of storing orencoding a sequence of instructions for execution by the computer andthat cause the computer to perform any one of the methodologies of thepresent invention. The term “computer-readable medium” shall accordinglybe taken to include, but not be limited to, solid-state memories, andoptical and magnetic disks.

Thus, a method and apparatus for detecting suspicious transactionsoccurring over a network-based transaction facility have been described.Although the present invention has been described with reference tospecific exemplary embodiments, it will be evident that variousmodifications and changes may be made to these embodiments withoutdeparting from the broader spirit and scope of the invention.Accordingly, the specification and drawings are to be regarded in anillustrative rather than a restrictive sense.

We claim:
 1. A method comprising: receiving from a client or a user apresentation format to a database on a network-based commerce system;storing the presentation format in the database; validating syntax ofthe presentation format and applying a scrubber process to thevalidation format to check for malicious content; using the presentationformat and one or more test documents to transform the test documents;marking the presentation format as active when the syntax is validated,the scrubber process finds no malicious content, and the one or moretest documents are transformed; receiving from the client or the user arequest to said network-based commerce system; and formatting a responseto said request on the network-based commerce system in a readilydisplayable format using said received presentation format.
 2. Themethod of claim 1, further comprising: transmitting said response to theclient or the user.
 3. The method of claim 1, wherein said presentationformat is selected from the group consisting of an eXtensible StyleLanguage (XSL) document and a Cascading Style Sheet (CSS) document. 4.The method of claim 1, wherein said network-based commerce system is anonline auction.
 5. The method of claim 1, wherein said request isreceived at said network-based commerce system via an eXtensible MarkupLanguage (XML) document over Hyper Text Transmission Protocol.
 6. Themethod of claim 1, wherein said presentation format comprises aneXtensible Style Language (XSL) document, and said test documentscomprise eXtensible Markup Language (XML) documents.
 7. The method ofclaim 2, wherein said network-based commerce system creates a process totransform said request into said response using said presentationformat; said network-based commerce system sets a threshold for saidprocess; and said network-based commerce system terminates said processif said process fails to complete said transformation within saidthreshold.
 8. The method of claim 1, wherein said request comprises acommand to access information on said network-based commerce system anda key to identify said presentation format for said response.
 9. Themethod of claim 1, wherein the readily displayable format comprises ahyper text markup language (HTML) document.
 10. The method of claim 1,wherein the one or more test documents comprise an XML document and theXML document is transformed into another XML document or an HTMLdocument.
 11. The method of claim 1, wherein a duration of time that ittakes to transform the one or more test documents using the presentationformat is examined to verify that the transformation does not take anindefinite time period.
 12. The method of claim 1, comprisingmaintaining a transformation timeout history for a presentation format.13. A tangible computer readable storage device comprising instructionsthat when executed by a processor execute a process comprising:receiving from a client or a user a presentation format to a database ona network-based commerce system; storing the presentation format in thedatabase; validating syntax of the presentation format and applying ascrubber process to the validation format to check for maliciouscontent; using the presentation format and one or more test documents totransform the test documents; marking the presentation format as activewhen the syntax is validated, the scrubber process finds no maliciouscontent, and the one or more test documents are transformed; receivingfrom the client or the user a request to said network-based commercesystem; and formatting a response to said request on the network-basedcommerce system in a readily displayable format using said receivedpresentation format.
 14. The tangible computer readable storage deviceof claim 13, further comprising instructions for: transmitting saidresponse to the client or the user.
 15. The tangible computer readablestorage device of claim 13, wherein said presentation format is selectedfrom the group consisting of an eXtensible Style Language (XSL) documentand a Cascading Style Sheet (CSS) document.
 16. The tangible computerreadable storage device of claim 13, wherein said network-based commercesystem is an online auction.
 17. The tangible computer readable storagedevice of claim 13, wherein said request is received at saidnetwork-based commerce system via an eXtensible Markup Language (XML)document over Hyper Text Transmission Protocol.
 18. The tangiblecomputer readable storage device of claim 13, wherein said presentationformat comprises an eXtensible Style Language (XSL) document, and saidtest documents comprise eXtensible Markup Language (XML) documents. 19.The tangible computer readable storage device of claim 14, wherein saidnetwork-based commerce system creates a process to transform saidrequest into said response using said presentation format; saidnetwork-based commerce system sets a threshold for said process; andsaid network-based commerce system terminates said process if saidprocess fails to complete said transformation within said threshold. 20.The tangible computer readable storage device of claim 13, wherein saidrequest comprises a command to access information on said network-basedcommerce system and a key to identify said presentation format for saidresponse.
 21. The tangible computer readable storage device of claim 13,wherein the readily displayable format comprises a hyper text markuplanguage (HTML) document.
 22. The tangible computer readable storagedevice of claim 13, wherein the one or more test documents comprise anXML document and the XML document is transformed into another XMLdocument or an HTML document.
 23. The tangible computer readable storagedevice of claim 13, wherein a duration of time that it takes totransform the one or more test documents using the presentation formatis examined to verify that the transformation does not take anindefinite time period.
 24. The tangible computer readable storagedevice of claim 13, comprising instructions for maintaining atransformation timeout history for a presentation format.
 25. A systemcomprising: a computer processor configured for: receiving from a clientor a user a presentation format to a database on a network-basedcommerce system; storing the presentation format in the database;validating syntax of the presentation format and applying a scrubberprocess to the validation format to check for malicious content; usingthe presentation format and one or more test documents to transform thetest documents; marking the presentation format as active when thesyntax is validated, the scrubber process finds no malicious content,and the one or more test documents are transformed; receiving from theclient or the user a request to said network-based commerce system; andformatting a response to said request on the network-based commercesystem in a readily displayable format using said received presentationformat.
 26. The system of claim 25, further comprising a computerprocessor configured for: transmitting said response to the client orthe user.
 27. The system of claim 25, wherein said network-basedcommerce system is an online auction.
 28. The system of claim 25,wherein said network-based commerce system creates a process totransform said request into said response using said presentationformat; said network-based commerce system sets a threshold for saidprocess; and said network-based commerce system terminates said processif said process fails to complete said transformation within saidthreshold.
 29. The system of claim 25, wherein said request comprises acommand to access information on said network-based commerce system anda key to identify said presentation format for said response.
 30. Thesystem of claim 25, wherein the one or more test documents comprise anXML document and the XML document is transformed into another XMLdocument or an HTML document.
 31. The system of claim 25, wherein aduration of time that it takes to transform the one or more testdocuments using the presentation format is examined to verify that thetransformation does not take an indefinite time period.
 32. The systemof claim 25, comprising a processor configured for maintaining atransformation timeout history for a presentation format.
 33. The systemof claim 25, wherein the readily displayable format comprises a hypertext markup language (HTML) document.